How
You will become part of a small team of autonomous individuals who, alone or together, will research and attack systems, networks and applications in the pursuit of risk discovery. You will prove your thesis by conducting the attack, make that risk transparent to the other party and give advice on its remediation. As a member of this team you will enjoy an atmosphere that dispenses with the idea of up-selling services and billable hours; we are a small team focused on making KPN more secure. We place strong emphasis on self-development because, as a team, we believe that this is the path towards more effective individual members. There is a diverse workload, from mobile apps to hardware hacking, from web applications to complex infrastructures, and we take your preference into account as much as possible.
Why
More than ever the digital landscape is shifting, and threats in the digital world can be, and sometimes are, more effective than traditional military armaments. The intention is not just to integrate security into the mindset of our own interests but also to be an example to others that security can, and should, be part of the development of any project. As a member of this team you will enjoy an atmosphere that dispenses with the idea of billable hours and focuses instead on self-development because, as a team, we believe that this is the path towards more effective individual members.
Your role
You are someone who looks at things and automatically starts thinking from the perspective of a malicious actor: how they would exploit its weaknesses, whether physical or digital. You enjoy CTFs and cipher puzzles, and spend your spare time reverse engineering binaries or playing games like Hack The Box. We accept many people from many walks of life, so don’t be afraid if your degree seems unrelated to the position. There will be a chance to show us what you can do. If you already have your OSCP and/or OSCE then all the better. A working knowledge of Python, Linux systems and Windows systems/PowerShell is a must. Knowledge of OWASP, NIST and CIS would also be beneficial. Skills focusing on mobile app security, cloud security, physical device hacking and wireless communication protocols would be great, but are not required (the desire to learn more about these topics is, however, an implicit requirement).
What you will bring us
You will participate in the testing and security efforts of KPN and her interests. Your challenge would be:
1. Keeping up to date with current attack methodologies and events;
2. Developing tooling to help you automate certain tasks;
3. Consistently training and improving your skill set;
4. Effectively communicating issues to colleagues and project members.

Your role will also involve collaborating with other branches of the business to deal with broader security concerns like planned awareness engagements, real world incidents and the risk assessment of real world geopolitics. You have a minimum of two years of pentest experience.
What you will get in return
* A 37 hour work week (40 hours is also possible)
* A gross salary of (max) € 5.560,- plus 10,5% top-up payment;
* A company-issued laptop, cellphone (with unlimited plan) and a 50% discount on personal device subscriptions of KPN
* A generous training budget (10K max)
* Participation in our ‘New way of working’ which affords some freedom over the timing and location of your work;
* Excellent pension opportunities;
* Guidance from experienced colleagues, who will gladly help you to develop further, but also like to learn from you.
Who we are
We are an attack-focused branch of the security information office (CISO) of KPN. We plan, coordinate and execute engagements on projects, infrastructure and the systems of KPN proper. Sometimes these engagements are purely digital, sometimes they are physical (trying to get into buildings you are not supposed to be in) and sometimes these engagements are unannounced to the wider company (phishing campaigns, for example). We are a team dedicated to discovering our flaws before our adversaries do, whether external or internal, and to aiding in their mitigation in a timely manner. We are a team of people who have an utter thirst for knowledge and we pride ourselves on our training and self-development allowances. If you think you would fit well within a team of autodidacts who love learning and sharing that knowledge with each other then please contact us. Please note that an assessment and screening are part of the interview process.
For further details, please find the job description here:
https://jobs.kpn.com/nl/nl/job/KPN_15592/Ethical-Hacker